Rewterz Threat Advisory – ICS: Siemens S7-1500 CPU devices Vulnerability

Rewterz Threat Advisory – ICS: Multiple Siemens SINEC INS Vulnerabilities

January 13, 2023

Rewterz Threat Advisory – ICS: Siemens Solid Edge Vulnerability

January 13, 2023

Rewterz Threat Advisory – ICS: Siemens S7-1500 CPU devices Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-38773

Siemens S7-1500 CPU devices could allow a physical attacker to execute arbitrary code on the system, caused by not contain an immutable root of trust in hardware. By using a specially-crafted boot image, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2022-38773

Affected Vendors

Siemens

Affected Products

Siemens JT Open Toolkit 11.1.0.0
Siemens JT Utilities 13.0.1.0
Siemens Solid Edge SE2022
Siemens Solid Edge SE2021MP2

Remediation

Refer to Siemens Security Advisory for patch, upgrade or suggested workaround information.

Siemens Security Advisory

Rewterz Threat Advisory – ICS: Multiple Siemens SINEC INS Vulnerabilities

Rewterz Threat Advisory – ICS: Siemens Solid Edge Vulnerability

Rewterz Threat Advisory – ICS: Siemens S7-1500 CPU devices Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan